Relays stays at 0/1 on NAS?

Here’s the setup: Syncthing on NAS Sync Protocol Listen Addresses: tcp://0.0.0.0:22001 UPnP: Off

Router Port forwards: 0.0.0.0:21025 -> NAS:21025 (for discovery servers) 0.0.0.0:22001 -> NAS:22001

Syncthing on NAS device gets 3/6 discovery servers (no IPv6 available here), but does not seem to be able to connect to the single relay server, as it stays at 0/1 indefinitely.

I have also tried enabling UPnP on both the router and Syncthing, but it made no difference.

You can try setting STTRACE=relay env var.

Nothing obvious, at least. There are no errors whatsoever since the last startup, though the verbosity level may be low. http://pastebin.com/AAf04ypy

Other devices in the same local network, sharing the same internet connection and without any port forwards on the router, connect to the relay server without issues.

Ment to reply, but instead edited my old post. Sorry.

Thanks, here’s something: http://pastebin.com/fkVxUF8u

tl;dr failed to lookup dynamic relays Get https://relays.syncthing.net/endpoint: x509: failed to load system roots and no roots provided

You need to install root certificates for your OS.

Should we log that error regardless of whether STRACE=relay is set?

As info potentially

I’m not familiar with the process and some googling made me none the wiser; where do I find the necessary certificate for the default relay server?

Of the three Linux-based devices I run Syncthing on, the NAS (a ZyXEL NSA325v2) is the only one that seems to require these additional steps.

Well your Linux distribution provider provides the certificates in a package. ca-certificates is usually the package name you need to install, for any further steps, consult with your distribution provider, as we can’t provide support for your linux distribution.

Thanks for the pointers. From what I’ve found out, or rather what I haven’t, I’m giving up on getting the relay bit working on this device.

If you curl -v https://relays.syncthing.net/endpoint, you should get an error. If you Google for that error + name of your linux distribution, you should be able to find instructions how to fix it.

Thanks, that did it. I didn’t really find anything of use via google, but as curl tried accessing /etc/ssl/certs/ca-certificates.crt, which did not exist, I just created /etc/ssl/certs and copied over ca-bundle from my Sailfish phone as ca-certificates.crt. Probably not the proper nor the ideal solution, but now curl returns the relay server list and Syncthing shows “Relays 1/1”.

This of course resulted in a bunch of unnecessary (159) certificates on the NAS, but as I’ve no idea how to single out the one I need I guess I’ll let them be.

3 Likes

Can’t edit posts here?

Relays stopped working after rebooting the NAS; the /etc/ssl/certs folder had disappeared! I guess this explains why it never worked before, for some reason the folder is removed (or the contents of /etc/ssl are mirrored from elsewhere) on startup. Couldn’t quickly find out why or how, so I added a startup script to create /etc/ssl/certs and symlink ca-certificates.crt from elsewhere.

The solution feels a bit cheap, but at least it seems to work.

Again, sadly it’s not caused by syncthing, so we can’t help.

Indeed, I only posted the steps taken and the aftermath in case someone with a NSA325 faces the same issue. The only case of Syncthing on NSA325 I’ve read of was before the relay servers were introduced.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.